On Wed, Aug 06, 2003 at 11:53:54AM +0100, Jose Celestino wrote:
> Hi Andre, consider applying the following patch:
>
>
> diff --recursive --unified qmail-1.03/checkpassword.c qmail-1.03-japc/checkpassword.c
> --- qmail-1.03/checkpassword.c 2003-08-06 11:45:30.000000000 +0100
> +++ qmail-1.03-japc/checkpassword.c 2003-08-06 11:45:03.000000000 +0100
> @@ -339,6 +339,7 @@
> int shift;
>
> if (encrypted[0] == '{') { /* hashed */
> + case_lowerb(encrypted+1, (byte_chr(encrypted,strlen(encrypted),'}')) );
> if (!str_diffn("{crypt}", encrypted, 7)) {
> /* CRYPT */
> shift = 7;
>
>
> This makes the userpassword scheme prefix match case insensitive.
>
> Check rfc 2307 section 5.3 for why this is a good idea.
>
This is differently fixed in current (case_diffb is your friend).
--
:wq Claudio
